Method and system for controlling network access

ABSTRACT

A method and system for disabling traffic from a specific device or devices on a WiFi network via a remote script or other action. In one embodiment, the method is implemented as an application that executes on a device such as a smart phone (e.g., IOS iPhone, Android operating system device) or tablet (e.g., iPad).

RELATED APPLICATION(S)

The present disclosure claims priority to Provisional Application 61/657,963 filed Jun. 11, 2012, which is incorporated herein by reference in its entirety for all purposes.

FIELD OF THE INVENTION

This disclosure relates to a method and system for managing an internet connection (LAN, WAN, or other connections) remotely from a connected or wireless device such as a smartphone (e.g., IOS iPhone, Android operating system device etc.), tablet (e.g., iPad), or even a desktop app (e.g., a OSX App via the “App store” or PC App, for example a Windows 8 App).

BACKGROUND

More and more devices, including game consoles, computers, and laptops to name a few, utilize bandwidth. The bandwidth requirements of such systems can become problematic when the devices are all accessing the same network. Accordingly, there is a need to control connections within a local area network and out of a network. An example of a connection that may need to be controlled is a WiFi router for disabling traffic from a specific device or devices on the network via a remote script or other action.

SUMMARY

The present disclosure provides a method and system for disabling traffic from a specific device or devices on a network via a remote script or other action. In one embodiment, the method is implemented as an application that executes on a device such as a smart phone (e.g., IOS iPhone, Android operating system device), tablet (e.g., iPad) or a desktop app (e.g., a OSX App via the “App store” or PC App, for example a Windows 8 App).

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates an example of what the user sees and does the first time through the disclosed method in accordance with the present disclosure.

FIG. 2 illustrates an example of the user experience after the method (implemented via a smartphone, tablet or other WiFi enabled device) is initially set up for use in accordance with the present disclosure.

FIG. 3 illustrates an example of the disclosed method (i.e., application) in relation to what it controls in accordance with the present disclosure.

FIG. 4 illustrates an example of a system constructed in accordance with this disclosure, and various controlled devices in accordance with the present disclosure.

FIG. 5 illustrates an example of a user interface in accordance with the present disclosure.

DETAILED DESCRIPTION

The present disclosure provides network control for wireless and connected devices. That is, the disclosure provides a “Network Access Manager.”

The application has the ability to log into a network, such as via a router, in order to disable/enable traffic from a specific device on the network via a remote action. This action may be run from a mobile or wired device running the application, such as, but not limited to, an iOS iPhone/iPad or Android operating system device.

Using the native iOS/Android development languages such as Objective-C or Java, the application will utilize reconstructed POST form data to login to administrative control pages. The application controls the Internet access of devices connected to the network by manipulating access control policies, however implemented on the network (e.g. MAC address filters on a router), via the controlling device's (e.g. the router's) administration pages and/or APIs.

On initial launch of the application, one embodiment scans for all routers within its range and allows the user to select a router to access and control while another embodiment has the router preconfigured to work with the application and simply requires authentication before administration of devices connected to it. In both embodiments, the application determines the make and model of the router in order to understand how to turn network access on and off for devices that are connected if access control is not already known by the application. In one embodiment, the application prompts the user to provide at least one form of authentication, for example, but not limited to, entering the wireless router's administrative login and password. Other authentication methods could easily replace standard login/password combination authentication, for example, but not limited to, biometric identification. The application then displays the list of devices on the network. In one embodiment, devices on the network can be named/renamed by the user for easy reference. In one embodiment, disabling the internet/network access of a device is achieved by clicking on a graphical control switch adjacent to the device label (or on the label itself). Reenabling the internet/network access of a device is achieved via the same control switch (or, again, via the device's label itself).

FIG. 1 illustrates a method 100 of the present disclosure and the steps taken by a user upon initially starting the system. First a user enables the system (not shown) for instance by selecting an icon via a touch screen or other user interface. Then at step 110 the system displays a splash screen, such as a screen showing the system's logo and/or other information. During start up, for instance while the splash screen is displayed at step 110, the system scans the network to locate connected devices. This can include locating one or more routers available to be controlled or may involve identifying devices connected to a preconfigured router. At step 112 the system displays devices available on the network to the user and allows the user to select a particular device, such as a router to connect to and control. For clarity the controlled device is referred to herein as a router (to distinguish it from devices connected to the router), but it can be any device facilitating a connection to one or more other devices. This step can be skipped if the system is preconfigured to control a particular router. Once the user has selected a router to control, at step 114 the system allows the user to login to the router by receiving login information such as a username and password, biometric data, or other identifying data.

After step 114 the system displays a list of devices connected to the router. At step 116 the user can select a particular device for instance by selecting an icon via a touch screen or other user interface. Then at step 118 a device detail screen is displayed showing information about the selected device. At step 120 the user can give the device a name to identify it such as Suzie's PC or Tim's iPad Mini. Finally at step 122 the system allows the user to add the device to a white list, meaning it is allowed to connect to the router. This initialization process is only necessary upon initial log-in or to allow a new device to connect to the router that has not previously been added to the white list. Alternatively, all devices can be allowed to access the internet via the router until such time that the connection is disabled by the user. In this instance the router maintains a list of devices that are not allowed to access the internet as opposed to a list of devices that are allowed to access the internet.

FIG. 2 illustrates a method 200 of the present disclosure and the steps taken by a user while using the system after the initial set up is complete. At step 210 the system displays a list of devices connected to the router. At step 212 the user can select a device. Then at step 214 the user can block the selected device. It is also possible to allow access to a previously blocked device by the same process of selecting the device and unblocking it (as opposed to blocking it). The blocking and unblocking can be achieved via a simple toggle mechanism, such as a slider or on/off button in the system.
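
The white-list and block-list embodiments of FIG. 1 and the toggle of FIG. 2 can be modelled as follows. This Python example is an added illustration, not code from the disclosure; the `AccessPolicy` class, the `normalize_mac` helper and the sample MAC addresses are assumptions constructed for it. MAC addresses are canonicalized before comparison, because a router page that reports `AA-BB-...` and an application that stores `aa:bb:...` would otherwise disagree on whether a device is blocked.

```python
import re
from dataclasses import dataclass, field


def normalize_mac(raw: str) -> str:
    """Return a MAC in lower-case colon form; raise ValueError otherwise."""
    digits = re.sub(r"[:.\-\s]", "", raw).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {raw!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


@dataclass
class AccessPolicy:
    """Hypothetical model of the router's list, not a real router API."""
    mode: str                                   # "allowlist" or "denylist"
    listed: set = field(default_factory=set)    # MACs on the router's list
    names: dict = field(default_factory=dict)   # MAC -> user-chosen label

    def __post_init__(self):
        if self.mode not in ("allowlist", "denylist"):
            raise ValueError("mode must be 'allowlist' or 'denylist'")
        self.listed = {normalize_mac(m) for m in self.listed}

    def rename(self, mac: str, label: str) -> None:
        self.names[normalize_mac(mac)] = label

    def is_online(self, mac: str) -> bool:
        on_list = normalize_mac(mac) in self.listed
        # Allowlist: listed devices pass. Denylist: listed devices are blocked.
        return on_list if self.mode == "allowlist" else not on_list

    def set_online(self, mac: str, online: bool) -> None:
        mac = normalize_mac(mac)
        if online == (self.mode == "allowlist"):
            self.listed.add(mac)
        else:
            self.listed.discard(mac)

    def toggle(self, mac: str) -> bool:
        """Flip one device's switch and return its new state."""
        new_state = not self.is_online(mac)
        self.set_online(mac, new_state)
        return new_state

    def rows(self, connected):
        """(label, mac, online) tuples for the device list screen."""
        macs = [normalize_mac(m) for m in connected]
        return [(self.names.get(m, m), m, self.is_online(m)) for m in macs]


if __name__ == "__main__":
    # Constructed sample: locally administered MACs in three router formats.
    policy = AccessPolicy("allowlist", {"02-00-00-00-00-01"})
    policy.rename("0200.0000.0001", "Suzie's PC")
    policy.rename("02:00:00:00:00:02", "Tim's iPad Mini")
    for row in policy.rows(["02:00:00:00:00:01", "02-00-00-00-00-02"]):
        print(row)
```

In allowlist mode a device the user has never seen is offline by default, while in denylist mode it is online until blocked, which is the practical difference between the two embodiments.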

FIG. 3 shows the various devices used in the system 300. A smart phone 310 running a mobile application provides the mobile control of a router 312. The smart phone can also be a tablet or other device that is capable of running application software. The smartphone 310 communicates with router 312 via a mobile internet connection. The mobile internet connection can be any known method including, but not limited to, 3G, 4G, LTE, or WiFi. FIG. 2 also illustrates three devices 314, 316, 318 that are connected to the router 312, which can be controlled via the systems and methods of the current disclosure. Devices 314, 316, 318 can be any device connected to the router, for instance mobile phones, computers, tablets, game consoles, etc. Three devices are shown in this example, but more or fewer devices may be connected to the router and controlled by the systems and methods of the current disclosure.

FIG. 4 shows another embodiment of the invention as implemented in a system 400. A device 410 runs an application 436 that allows for either wireless or wired control of internet/network connections. Device 410 can be any device capable of running the application including, but not limited to, a smart phone, tablet, laptop or desktop computer, or other computing device. Device 410 includes a processor 430 that is operable to execute computer code such as application 436. Device 410 further includes a memory 432 and a random access memory (RAM) 434. Application 426 can be stored in memory 432 for execution by processor 430. Device 410 also includes an operating system 438 and a display 435. Operating system 438 can be any operating system depending upon the type of device 410. For instance, if device 410 is a smart phone or tablet operating system 438 may be an iOS or Android operating system. If device 410 is a laptop or desktop computer, operating system 438 may be a Windows operating system, a Linux based operating system, or OS X, among others. Similarly, display 435 can vary depending upon the type of device 410. For instance, if device 410 is a smart phone or tablet display 435 may be a touch screen such that it can display data while also serving as an input source for the user. If device 410 is a laptop or desktop computer display 435 may still be a touch screen, but can also be a standard screen used in conjunction with other input devices such as mouse or keyboard (not shown). All of the subcomponents of device 410 are connected and able to communicate via a bus or other communication interconnect 437.

Device 410 communicates with a router 412 via communication path 442 to acquire information from the router and to update access control policies. Router 412 can be a wireless or wired router or any other type of device allowing connected devices to access the Internet or network. Communication path 442 between the device 410 and the router 412 can be a WiFi connection, wired connection, a cellular data network, or any combination of data connections. Connected devices 414, 416, 418 are connected to the router 412 via communication paths 446 and access the internet or a network via their connection to router 412. Communication paths 446 may connect the connected devices 414, 416, 418 to router 412 by wireless or wired connections. Device 410 can also communicate with a web service API via communication path 440 by any known communication technique. The web service API uses a router mapping database via communication path 444 to parse data received from the router 412 via the device 410.

In use the device 410 logs into router 412 based on input from a user or based on preconfigured access properties. The device then requests and receives access control information from the router 412. The device 410 sends the data to the web service API 420 which parses the data for the device 410. Next the device requests and receives information from the router regarding the connected devices 414, 416, 418. This data is also sent to the web service API 420 for parsing. The device 410 is operable to accept user input regarding access of a new or existing device to the Internet or network via router 412. The user can choose to allow access to a new device, deny access to a new device, disable access of a previously allowed device, or reenable access of a previously disabled device. The device 410 then sends updated access control information to the router 412 to enforce the new access policy. In this way the user can readily monitor and control access of devices connected to the internet or network via router 412. In general, when in use the processor 430 executes instructions that are part of application 436 to carry out the various actions discussed above.

FIG. 5 shows a sample device 505 with a user interface 500 for the presently disclosed systems and methods. Device 505 can be any device discussed herein and can include the various subcomponents discussed above relative to device 410 in FIG. 4. The user interface includes a list of connected devices (6 devices shown). Each device includes identifying information such as 510, 514. The identifying information may include a device name (such as Tim's iPad Mini for device 514) as well as a MAC address. The user interface includes a toggle switch to enable or disable access to each device. In FIG. 5 toggle switch 512 for Jonathan's Macbook is in the “online” position which means the device is allowed access to the Internet or network. Toggle switch 516, on the other hand, is in the “offline” position indicating the internet/network connection for Tim's iPad Mini is disabled. The user can control the access of each device by simply changing the positions of the toggle switches. In an alternate embodiment, rather than using toggle switches the user may simply touch the device identifier to toggle the access permission. In this instance it is possible to color code the device identifiers to indicate which devices have access and which devices do not have access. By providing a simple toggle switch user interface, the user can quickly modify internet/network access policies with little or no typing and minimal required navigation.

In accordance with the practices of persons skilled in the art of computer programming, embodiments of the methods are described with reference to operations that are performed by a computer system or a like electronic system such as a mobile application running on a mobile phone or tablet. Such operations are sometimes referred to as being computer-executed. It will be appreciated that operations that are symbolically represented include the manipulation by a processor, such as a central processing unit, of electrical signals representing data bits and the maintenance of data bits at memory locations, such as in system memory, as well as other processing of signals. The memory locations where data bits are maintained are physical locations that have particular electrical, magnetic, optical, or organic properties corresponding to the data bits.

When implemented in a programmed device or system, the elements of the embodiments may be essentially the code segments to perform the necessary tasks. The non-transitory code segments may be stored in a processor readable medium or computer readable medium, which may include any medium that may store or transfer information. Examples of such media include an electronic circuit, a semiconductor memory device, a read-only memory (ROM), a flash memory or other non-volatile memory, a floppy diskette, a CD-ROM, an optical disk, a hard disk, a fiber optic medium, etc. User input may include any combination of a keyboard, mouse, touch screen, voice command input, etc. User input may similarly be used to direct a browser application executing on a user's computing device to one or more network resources, such as web pages, from which computing resources may be accessed.

While various embodiments have been described above, it should be understood that those embodiments have been presented by way of example only and are not meant to limit the claims below. Thus, the breadth and scope of the invention should not be limited by the specific embodiments discussed above, but only according to the claims and their equivalents.

I claim:
 1. A method of controlling internet access, the method comprising: displaying on a user interface a list of devices connected to the internet via a controlled device; receiving input from a user via the user interface regarding the permission of one or more devices to access the internet via the controlled device; and sending permission information to the controlled device to update the permission of one or more devices to access the internet via the controlled device.
 2. The method of claim 1, wherein the user interface includes a toggle switch indicating the current permission setting for each of the listed devices.
 3. The method of claim 2, wherein receiving input from a user includes recording a change in the position of at least one toggle switch.
 4. The method of claim 1, wherein the user interface is part of a mobile device.
 5. The method of claim 4, wherein the mobile device communicates wirelessly with the controlled device.
 6. The method of claim 1, wherein the controlled device is a network router.
 7. The method of claim 1, wherein the user interface is part of a laptop or desktop computer.
 8. The method of claim 7, wherein the laptop or desktop computer communicates with the controlled device through a wired connection.
 9. The method of claim 1, further comprising prior to the displaying step: receiving data from the controlled device regarding at least one of access permission and connected devices; sending the data to a web service api; and receiving parsed data from the web service api.
 10. The method of claim 1, further comprising: receiving login information from the user relative to the controlled device; and verifying the login information before displaying the list of devices connected to the internet via the controlled device.
 11. A non-transitory computer readable storage medium with an executable program thereon, the program instructing a device to: display on a user interface a list of devices connected to a controlled device; receive input from a user via the user interface regarding the permission of one or more devices to access the internet via the controlled device; and send permission information to the controlled device to update the permission of one or more devices to access the Internet via the controlled device.
 12. The non-transitory computer readable storage medium of claim 11, the program further instructing the device to display a toggle switch indicating the current permission setting for each of the listed devices.
 13. The non-transitory computer readable storage medium of claim 12, the program further instructing the device to record any changes in the position of the toggle switches and to send the updated position of any changed toggle switch to the controlled device upon the occurrence of the change.
 14. The non-transitory computer readable storage medium of claim 11, the program further instructing the device to: receive data from the controlled device regarding at least one of access permission and connected devices; send the data to a web service api; and receive parsed data from the web service api.
 15. The non-transitory computer readable storage medium of claim 11, the program further instructing the device to: receive login information from the user relative to the controlled device; and verify the login information before instructing the device to display the list of devices connected to the internet via the controlled device.